Описание
An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:chshcms:mccms:2.7:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00039
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-598
Связанные уязвимости
CVSS3: 5.5
github
7 месяцев назад
An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.
EPSS
Процентиль: 12%
0.00039
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-598